When an organization experiences a disruptive event, the business continuity plan (BCP) should be triggered PRIMARILY based on:
When an organization experiences a disruptive event, the business continuity plan (BCP) should be triggered PRIMARILY based on:
A Business Continuity Plan (BCP) is generally triggered based on management direction. While factors such as the expected duration of the outage, the root cause of the event, or the type of security incident may influence the decision, it is ultimately the management's responsibility to evaluate the situation and decide when to activate the BCP. This ensures a coordinated and controlled response to the disruptive event.
A- Why not D, because Management direction or decision to activate BCP will be based on some criteria which is primarily 'A'. Why not 'C', because BCP could be non-security event based trigger as well.
C. type of security incident.
i agree with D. Incident response procedures should dictate the process to enact BCP and thats usually at management discretion. the expected duration will be just one of the many variables to consider
I think D